package com.example.controller;


import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class DemoController {

    /**
     * @Secured("ROLE_USER") :标注在映射方法上，表示访问该请求的用户主体需要此角色信息
     */

    @GetMapping("/")
    @ResponseBody
    @Secured("ROLE_USER")
    public String test(){
        return "success";
    }

    @GetMapping("/admin")
    @ResponseBody
    @Secured("ROLE_ADMIN")
    public String admin(){
        return "admin_success";
    }
}
